ReportizFlow
Filtered by vendor
Subscriptions
Total
9266 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6502 | 1 Prochatrooms | 1 Pro Chat Rooms | 2026-04-23 | N/A |
| Directory traversal vulnerability in Pro Chat Rooms 3.0.2 allows remote authenticated users to select an arbitrary local PHP script as an avatar via a .. (dot dot) in the avatar parameter, and cause other users to execute this script by using sendData.php to send a message to (1) an individual user or (2) a room, leading to cross-site request forgery (CSRF), cross-site scripting (XSS), or other impacts. | ||||
| CVE-2007-5782 | 1 Fireconfig | 1 Fireconfig | 2026-04-23 | N/A |
| Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-2840 | 1 Exerocms | 1 Exero Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompage.php, (2) errors/404.php, (3) members/memberslist.php, (4) members/profile.php, (5) news/fullview.php, (6) news/index.php, (7) nopermission.php, (8) usercp/avatar.php, or (9) usercp/editpassword.php in themes/Default/. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2863 | 1 Elinestudio | 1 Site Composer | 2026-04-23 | N/A |
| Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/. | ||||
| CVE-2008-2887 | 1 Chaozzatwork | 1 Fubarforum | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2007-3072 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on Windows allows remote attackers to read arbitrary files via ..%5C (dot dot encoded backslash) sequences in a resource:// URI. | ||||
| CVE-2009-2275 | 1 Cpanel | 1 Cpanel | 2026-04-23 | N/A |
| Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter. | ||||
| CVE-2009-2015 | 2 Ideal, Joomla | 2 Com Moofaq, Joomla | 2026-04-23 | N/A |
| Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2008-2820 | 1 Azimyt | 1 Open Azimyt Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in lang/lang-system.php in Open Azimyt CMS 0.22 minimal and 0.21 stable allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2008-2838 | 1 Traindepot | 1 Traindepot | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter. | ||||
| CVE-2008-2889 | 1 Wise-ftp | 1 Wise-ftp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP client in AceBIT WISE-FTP 4.1.0 and 5.5.8 allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-5291 | 1 Fuzzylime | 1 Fuzzylime Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in code/track.php in FuzzyLime 3.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter, a different vector than CVE-2007-4805 and CVE-2008-3165. | ||||
| CVE-2007-4683 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory. | ||||
| CVE-2009-3583 | 1 Sql-ledger | 1 Sql-ledger | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the countrycode field. | ||||
| CVE-2008-6167 | 1 Miniportail | 1 Miniportail | 2026-04-23 | N/A |
| Directory traversal vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lng parameter. | ||||
| CVE-2007-6368 | 1 Ezcontents | 1 Ezcontents | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in ezContents 1.4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the link parameter. | ||||
| CVE-2008-2795 | 1 Idm Computer Solutions Inc | 1 Ultraedit | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP and SFTP clients in IDM Computer Solutions Inc UltraEdit 14.00b allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) or a ..\ (dot dot backslash) in a response to a LIST command. | ||||
| CVE-2008-2818 | 1 Easy-clanpage | 1 Easy-clanpage | 2026-04-23 | N/A |
| Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the section parameter to the default URI. | ||||
| CVE-2007-5742 | 1 Wesnoth | 1 Wesnoth | 2026-04-23 | N/A |
| Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors. | ||||
| CVE-2007-4559 | 2 Python, Redhat | 4 Python, Enterprise Linux, Rhel Eus and 1 more | 2026-04-23 | 9.8 Critical |
| Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | ||||